10C/ Bypassing eSignature Regulations for SSI Adoption

From IIW

Bypassing eSignature Regulations for SSI Adoption

Wednesday 10C

Convener: Nuttawut Kongsuwan

Notes-taker(s): Catherine Nabbala

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Thailand is the second country after Canada that officially recognizes Verifiable credential standards.

Thailand has three types of e-signatures

Your name, email signatures, scanned handwritten signatures etc that has very low trust level.

Using public and private keys (PKI) with medium level of trust

Qualified Certificate Authority with high level of trust

Finema’s approach is to use Hybrid CA/DID model with an approach that has minimal disruption, key rotation friendly as well as prompt DID and VC adoption.

Advantageous in a way that you can apply Key rotation and use the same certificate.

Eric Welton:

VC certificates are the same as X.509 certificates?

Where is the schema for the VC?

How broad is the Government acknowledgement of VC?

Nathan George:

Has it been approved yet?

Canada is doing the same approach and no need to go through a CA.

We can automate the process and avoid the manual way.

No need to bypass the authorities take an example of digiCert

You can’t have a successful holder without preserving transactional privacy

X.509 didn’t work very well but there is no way of handling data effectively.

Leah Houston:

thats the US- DEA, ACGME, NBME

Authorities don’t really care about Privacy.They are mainly authoritative.